The reality that Mac users have fallen victim to "scareware" scams -- right type that contain long plagued Windows users -- shouldn't come as a surprise. Since of course, fake antivirus software schemes like MacDefender don't really need to go with exploitable vulnerabilities, but alternatively typically make use of tricking users into visiting malicious sites and duping them into installing the application.
And Mac users, for those their pretensions otherwise, are as fallible because the next person.
But in the news accounts this month about MacDefender, and also the posts not only on Mac-specific blogs additionally it is on ones usually specialized in Windows, even if forgiven for believing that Macs are suddenly the victims preferred by.
They are not. Windows machines remain the typical target because, well, globally Windows PCs outnumber Mac OS by well over 16-to-1.
What is true is usually that Mac users now face similar scareware scams that Windows owners experience to address for years.
So styles deal? Macpocalypse this is? And what if you look ahead to, and what might you try to keep safe?
Those tend to be the questions we try and answer.
Is MacDefender a worm? Nope. Although MacDefender Dell latitude d630 battery聽and its ilk are categorized as the overall term "malware" -- like in, it's malicious ultimately -- it is not the herpes simplex virus, not merely a worm, as opposed to a true Trojan horse.
Instead, its probably a protracted type "scareware" or "rogueware," terms that relate to fake -- hence "rogue" -- software that attempts to spook you -- that's the "scare" -- into acquiring a worthless program.
The labels are commonly slapped on phony security software that claims a pc is heavily have contracted worms, viruses and various other malware. Such software nags users with pervasive pop-ups and fake alerts until they fork over the "registration" fee, which in MacDefender's case ranges between $60 and $80.
The criminals monetize their work by collecting these fees. And it is a profitable trade, at least where Windows scareware's concerned. Programs 2008, SecureWorks, now owned by Dell, revealed that some crooks were making nearly $5 million yearly shilling scareware.
So MacDefender isn't hacking my Mac? No. Although scareware targeting Windows have been able to silently plant itself on PCs after other malware first exploits a burglar vulnerability within the OS or any other software, MacDefender doesn't.
That's a possible future move, not surprisingly, assuming attackers take the time digging up an unpatched vulnerability in, say, Mac OS X or perhaps browser like Safari or Firefox, thereafter write an exploit.
So how do Macs get who have contracted offers like MacDefender? Easy, they dupe users into doing the job in their mind.
The group behind MacDefender entices victims to malicious sites, the place where a Web page that appears just like the Mac Finder appears, runs a phony virus scan, then claims the fact that machine is have been infected with a lot of Trojans. Whenever the unsuspecting user clicks the "OK" button, MacDefender downloads to your Mac.
Such social engineering-style attacks are commonplace on Windows, but have been completely rare on Macs. Seems like that party ends.
Okay, therefore i fell for that ruse. Exactly what goes on next? Once it's downloaded, MacDefender automatically you want to an install screen on Macs where Safari is running.
In case you used another browser to download the scareware -- Firefox or Chrome, for example -- the criminals count on you to find the just-obtained installation package from the browser's download destination and click on it.
Next you will see an ordinary Mac installation process. (In earlier versions you felt to input your administrator password, but that requirement's been eliminated inside the hottest version, dubbed "MacGuard.")
Once MacDefender's fooled you into installing it, the scareware runs another scan and drops numerous alerts on the screen, a part of the scam to make you become think your Mac is infected.
To the "infections," you spend up simply by entering your store card information.
Now i am not completely stupid ... Freezing won't pay up. Luxury crusie ship then? MacDefender -- which elapses names like MacSecurity, MacProtector and here, MacGuard -- duns you with those irritating pop-ups, flashes a symbol with the menu bar, and worst of all, opens pornographic pages in the browser every jiffy.
That last is mostly a new twist to spur you to ultimately find the money for the scareware.
"We think they do this because people will think that it means they have got the herpes virus to the Mac, they usually want to get got rid of it by paying with the program," said Peter James of Mac-only security software maker Intego within the interview recently.
MacDefender automatically runs every time you start your Mac, and that means you can't wipe out it by restarting or shutting down the cutter.
Therefore it is not going anywhere soon? Isn't there how to clear away it? Yes, you are able to scrub your Mac manually.
Earlier this week, Apple finally acknowledged the MacDefender scareware campaign by posting a support document on its site. That document spells the removal steps you need to take.
Can't the Mac remove this itself? Not. But Apple's promised an update to Mac OS X 10.6, aka Snow Leopard, which may.
"In the arrival days, Apple dell inspiron 6400 battery聽will deliver a Mac OS X software update which will automatically find and remove MacDefender malware as well as its known variants." Apple said around the support document it published Tuesday. "The update will also help look after users through providing an explicit warning once they download this malware."
Only Snow Leopard has rudimentary antivirus capabilities, that can warn users of an small number of threats. That same feature may quarantine already-downloaded files that this deems dangerous.
But Apple seems praoclaiming that rrt's going to convey a cleaning tool to Snow Leopard that may scrub an already infected Mac. In that case, that would be time period.
Also it signifies Apple could well be following in the footsteps of Microsoft, has offered free cleaning tools -- notably the Malicious Software Removal Tool, or MSRT -- for a long time. MSRT is updated at least once each and every month, then pushed to customers through the Windows Update service.
People running older versions of Mac OS X, including 10.5, aka Leopard and 10.4, the even older Tiger, presumably shall be ourselves.
How pervasive is MacDefender? Not one person really knows.
A back-of-the-envelope estimate by Ed Bott, a ZDNet blogger who usually writes about Windows but has dealt out a string on MacDefender, set the wide variety of infections between 60,000 and 125,000.
While security firms that sell Mac antivirus software didn't tossed out numbers that way, a -- Intego -- has cited Bott's estimates and figured "this fake antivirus is quite effective in tricking Mac users."
Today, Finnish antivirus company F-Secure said it saw "a significant rise on infections with all the Mac rogue Trojans," but didn't specify the raw numbers or even rate of increasing amount of infections.
The likes of Intego, naturally, be interested in touting MacDefender's ubiquity: They sell antivirus software with the Mac.
F-Secure, in actual fact, launched its first Mac-specific product today.
Symantec, which includes one of several world's largest network of malware sensors and "honeypot" systems -- in addition to sells Mac security software -- said hello didn't have "much if anything, when it comes to hard data/numbers" within the Mac scareware campaigns.
Bottom line: There's no solid evidence yet on what many Mac users are falling for any con.
Why the Mac? Why now? The question should be, "Why not before this?"
Scareware has hammered Windows users for some time, and stays a very popular method criminals to generate income. According to Microsoft's latest security intelligence report, send out MSRT cleaned lots of scareware-infected Windows PCs not too long ago.
Both Intego and Microsoft Compaq nc6400 battery聽have reported connections between MacDefender with a gang answerable for one of the largest Windows scareware families.
Intego says which your group simply added MacDefender to its scam arsenal by developing the Mac-specific fake antivirus program, then seeded it into the same malicious sites possess already serving up Windows scareware, in essence receiving a bigger bang to its buck.
Apple's increased sales of Macs can have triggered the move by its gang. While Windows PC sales have stalled -- but still greatly outnumber Mac sales -- Apple's sales of desktops and notebooks has outpaced PC sales for 25 consecutive quarters.
Where there exists a promote for malware, there's malware.
What / things I actually do to prevent MacDefender will be like off my Mac? Numerous things, actually.
For just one, keep clear of listings on hot news topics, since scareware scammers constantly "poison" those results to push their sites higher on the list. When MacDefender first appeared, it has been spread through sites that ranked high on Google Image searches, the ones caused by searches for info on Osama Bin Laden's death.
For, don't install everything you haven't downloaded yourself.
In case you browse with Safari, head to its Preferences screen, then uncheck the box marked "Open 'safe' files after downloading" at the end from the General tab: That keeps Safari from automatically opening mobile phone screen of MacDefender.
Only input your password when installing software you probably want and asked to be installed. If the account password dialog arises and you also can't predict why, don't enter your password.
While we're talking about accounts, the fresh new MacGuard scam doesn't need to have a password when running under the website owner account. You might even switch to a regular account instead, which can prompt you for one password when MacGuard attempts to install. Find out more about this Apple support document depending upon how to setup a normal account in Snow Leopard.
Never pay for security software you haven't wanted. Don't enter your bank card information in a prompt to sign up such software.
Consider adding an antivirus program to your Mac. Sophos gives one away free, and other people, including F-Secure, Intego and Symantec, sell products which will block scareware and take away it whether or not it's infected your machine.
没有评论:
发表评论